CVE-2018-16060
Mitsubishi Electric SmartRTU devices allow remote attackers to obtain sensitive information (directory listing and source code) via a direct request to the /web URI.
Source: CVE-2018-16060
CVE-2018-16061
CVE-2018-16061
Mitsubishi Electric SmartRTU devices allow XSS via the username parameter or PATH_INFO to login.php.
Source: CVE-2018-16061
CVE-2021-27561
CVE-2021-27561
Yealink Device Management (DM) 3.6.0.20 allows command injection as root via the /sm/api/v1/firewall/zone/services URI, without authentication.
Source: CVE-2021-27561
CVE-2021-29679
CVE-2021-29679
IBM Cognos Analytics 11.1.7 and 11.2.0 could allow an authenticated user to execute code remotely due to incorrectly neutralizaing user-contrlled input that could be interpreted a a server-side include (SSI) directive. IBM X-Force ID: 199915.
Source: CVE-2021-29679
CVE-2020-4951
CVE-2020-4951
IBM Cognos Analytics 11.1.7 and 11.2.0 contains locally cached browser data, that could allow a local attacker to obtain sensitive information.
Source: CVE-2020-4951
CVE-2021-29745
CVE-2021-29745
IBM Cognos Analytics 11.1.7 and 11.2.0 is vulnerable to priviledge escalation where a lower evel user could have access to the ‘New Job’ page to which they should not have access to. IBM X-Force ID: 201695.
Source: CVE-2021-29745
CVE-2021-28021
CVE-2021-28021
Buffer overflow vulnerability in function stbi__extend_receive in stb_image.h in stb 2.26 via a crafted JPEG file.
Source: CVE-2021-28021
CVE-2021-41320
CVE-2021-41320
A technical user has hardcoded credentials in Wallstreet Suite TRM 7.4.83 (64-bit edition) with higher privilege than the average authenticated user.
Source: CVE-2021-41320
CVE-2021-40993
CVE-2021-40993
A remote SQL injection vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2 – – ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1 – – ClearPass Policy Manager 6.8.x prior to 6.8.9-HF1. Aruba has released patches for ClearPass Policy Manager that address this security vulnerability.
Source: CVE-2021-40993
CVE-2021-40998
CVE-2021-40998
A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy Manager version(s): ClearPass Policy Manager 6.10.x prior to 6.10.2 – – ClearPass Policy Manager 6.9.x prior to 6.9.7-HF1 – – ClearPass Policy Manager 6.8.x prior to 6.8.9-HF1. Aruba has released patches for ClearPass Policy Manager that address this security vulnerability.
Source: CVE-2021-40998